RFR: 8245527: LDAP Cnannel Binding support for Java GSS/Kerberos
Daniel Fuchs
daniel.fuchs at oracle.com
Tue Jun 30 17:40:11 UTC 2020
Hi Michael,
On 30/06/2020 15:57, Osipov, Michael wrote:
> TLS channel binding is not tied to LDAP, it can be used with other
> protocols, even custom ones. I see no good reason to have the property
> contain jndi.ldap or use NamingException. IllegalArgumentException would
> be approriate here
It is not appropriate for new InitialContext() to throw
IllegalArgumentException.
I would be thrilled if everything could be handled in the
security libs and the SASL implementation but AFAICT some
interaction from the JNDI code is still required.
At the moment the only place where this property is used
is with the LDAP provider so I believe com.sun.jndi.ldap is
appropriate for this changeset.
best regards,
-- daniel
More information about the security-dev
mailing list